EPSS
Percentile
33.5%
openexr:stretch is vulnerable to denial of service. An integer overflow leading to a heap-buffer overflow. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.
bugzilla.redhat.com/show_bug.cgi?id=1947582
lists.debian.org/debian-lts-announce/2021/07/msg00001.html
lists.fedoraproject.org/archives/list/[email protected]/message/BXFLD4ZAXKAIWO6ZPBCQEEDZB5IG676K/
security-tracker.debian.org/tracker/CVE-2021-26260